Vulnerability Details CVE-2021-32005
Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. This issue affects: Secomea SiteManager Version 9.6.621421014 and all prior versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.5
References
Products affected by CVE-2021-32005
-
cpe:2.3:h:secomea:sitemanager_1129:-
-
cpe:2.3:h:secomea:sitemanager_1139:-
-
cpe:2.3:h:secomea:sitemanager_1149:-
-
cpe:2.3:h:secomea:sitemanager_3329:-
-
cpe:2.3:h:secomea:sitemanager_3339:-
-
cpe:2.3:h:secomea:sitemanager_3349:-
-
cpe:2.3:h:secomea:sitemanager_3529:-
-
cpe:2.3:h:secomea:sitemanager_3539:-
-
cpe:2.3:h:secomea:sitemanager_3549:-
-
cpe:2.3:o:secomea:sitemanager_1129_firmware:-
-
cpe:2.3:o:secomea:sitemanager_1129_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_1139_firmware:-
-
cpe:2.3:o:secomea:sitemanager_1139_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_1149_firmware:-
-
cpe:2.3:o:secomea:sitemanager_1149_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3329_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3329_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3339_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3339_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3349_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3349_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3529_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3529_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3539_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3539_firmware:9.2c
-
cpe:2.3:o:secomea:sitemanager_3549_firmware:-
-
cpe:2.3:o:secomea:sitemanager_3549_firmware:9.2c